What are Web3 Wallets? From Getting Started, How they Work, to Securing Them
Let’s assume you are a complete beginner who wants to purchase your first NFT. The first step is to purchase some cryptocurrency (such as Ethereum or Solana), which will be the native currency you’ll use to buy and sell NFTs. To do that, you’ll first need a Web3 wallet. Deciding what kind of crypto wallet works for you can be confusing, especially if you’re new to the world of crypto. Don’t worry if all this sounds confusing; we are here to break down the concept of Web3 wallets into simple and digestible information.
What is a Web3 Wallet?
Web3 wallets are essentially digital wallets that can store digital assets. This includes tokens ranging from fungible to non-fungible tokens (NFTs), collectibles, cryptocurrencies, and much more. A Web3 wallet also provides access to the crypto realm by allowing you to interact with dApps on various blockchains.
Types of Web3 Wallets
A lot of lingo is used to describe wallets in Web3 (Hardware Wallet, Hot Wallet, Cold Wallet, Ledger, MetaMask Wallet, etc.), and this easily gets confusing, but ultimately it all boils down to two types of wallets: hosted wallets and user-controlled wallets.
Hosted Wallets:
Hosted wallets are provided by crypto exchanges such as Binance, Coinbase and FTX, among the diverse services they offer, such as managing funds on the users’ behalf. They might collect user funds into consolidated accounts and thus control the state of each specific user. Each user who signs up to these platforms has access to a personal wallet hosted on the platform, where the user can buy, store and sell a variety of cryptocurrencies (Bitcoin, Ethereum, Solana, etc.). Modern hosted wallets facilitate the use of decentralized applications and handle a separate wallet for each user. For maximum security you shouldn’t keep your crypto on an exchange, so this isn’t the most important part of the process. In an ideal world, you’d just buy there and immediately transfer the funds to a hardware wallet (more on that later), to avoid the risk of losing all your money should you choose the wrong exchange to buy crypto.
User Controlled Wallet:
A user-controlled wallet is distinguished by the local custody of a user’s private keys, as well as the local signing of each transaction. This layer serves as the final user interface for all underlying levels and must provide all functionality to the programs that access it, thereby giving its users a considerably more flexible and direct means of performing activities in Web3 applications. Examples of such wallets include MetaMask, Phantom, Ledger and Trezor.
The Categories of Web3 Wallets
In this part, we categorize Web3 wallets into three: hot, cold and hybrid wallets, as discussed below.
Hot or Software Wallet
A hot wallet is one that is directly connected to and exposed to the internet, such as a native MetaMask or Phantom wallet. A benefit of hot wallets is ease of use: because they are always online, there’s no need to transition between offline and online to make a cryptocurrency transaction. A hot wallet should be considered inherently vulnerable and compromised. Therefore, you should never store anything on it for any significant period of time, and only use it for transitory transactions like buying something quickly and then transferring it to your cold wallet for storage. If you only use a hot wallet (e.g. MetaMask, Phantom) to store your NFTs, you can expect to lose them all in a hack. This is true even for the most sophisticated investors and the most tech-savvy people in this space, who have been hacked due to a simple mistake.
Cold or Hardware Wallet
A hardware wallet is essentially a cold wallet that can be used together with a hot wallet as an added layer of security; it lives on a device that looks like a small to medium-sized USB stick. Hardware wallets are designed to be immune to hacking because they are typically not connected to the internet, so while they may be more secure, they are less convenient. A hardware wallet achieves this by being a separate physical device on which your wallet’s private keys are kept, and which only sends transaction signatures to your computer to actually execute transactions. Even when a hardware wallet is plugged into your computer or connected via Bluetooth, depending on the storage method, the funds stored on the drive are difficult or even impossible to steal. Even if devious malware on your computer tried to steal your funds by maliciously “signing” a transaction initiated in your hardware wallet, it would not be the correct signature, so the transaction would not go through.
With that in mind, your two primary options for a hardware wallet are a Ledger (the most popular and likely best bet) or a Trezor (the original), as these are the two main hardware wallets that currently work well with MetaMask.
How to use a Hardware (Cold) Wallet
The Ledger and Trezor are the two most commonly used digital storage devices for NFTs and cryptocurrencies. The Ledger is a piece of hardware that houses the keys to your assets; it does not store any crypto or NFTs. Its primary function is to confirm outgoing transactions and addresses from a specific wallet. Consider it a key to unlocking your assets on the blockchain. Incoming transactions do not require Ledger approval, but you will be able to see and check the transaction addresses that use it.
- When you receive your hardware wallet, you must fully configure it. Just like with a hot wallet (e.g. MetaMask, Phantom) setup, you’ll want to securely store your seed phrase to ensure that no one else can ever access it, but also that you never lose it.
- Then connect your hardware wallet (Ledger or Trezor) to a hot wallet (e.g. MetaMask, Phantom) and proceed to use it as you normally would. The only difference now is that whenever you make a transaction, your hot wallet (e.g. MetaMask) will prompt you to confirm it on your hardware wallet, adding an important extra layer of security to each transaction.
Important: Make sure you read each transaction that MetaMask asks you to confirm, and that the inputs and outputs shown on your Ledger/Trezor are what you expect. Failing to check exactly what the Ledger or Trezor is asking you to confirm is how the Nexus Mutual founder was hacked, and how one user lost all his assets in an OpenSea Discord support scam despite using a Ledger.
Hybrid Wallet
A hybrid wallet describes the use of multiple wallets, usually a hot wallet and a cold wallet, in order to achieve maximum security. It is the best option to use, especially if you want to find the right balance between the convenience of a hot wallet and the peace of mind and security of a cold wallet. Many people will end up with multiple versions of each: an exchange account hot wallet, a mobile cold wallet, and a hardware cold wallet for cryptocurrency exchange. The trend is for funds to be stored in hardware cold wallets rather than hot wallets. Cold wallets are becoming more convenient as hot wallets become more secure. A popular trend is to use a second phone solely as a mobile crypto cold wallet, only turning it on when making a transaction. Those who use a crypto exchange wallet to store the majority of their funds should choose an exchange with a strong focus on security.
Cold vs Hot Wallets: What Is the Difference?
Here’s a simple diagram explaining this concept from Vlozano.eth
A hot wallet is what you use to buy, sell, or transfer your assets (cryptocurrency, NFTs, tokens, etc.), while a cold wallet is one that you don’t use for anything other than storing your assets. If you intend to keep an NFT, you should mint it with a hot wallet and then transfer it to a cold wallet. It is advisable to use a cold wallet for storage, and it should not be used to mint or to connect to any website.
There is a common understanding in security circles that anything connected to the internet should be considered compromised. This is especially true when it comes to crypto, where once you are compromised and all of your assets are stolen, there is generally no recourse. Unlike with most things in the world, within the Web3 space you have to trust yourself more than ever before.
When it comes to securing your wallet, using a hardware wallet will require a bit of effort to set up but using it along with safe practices can help minimize threats to your assets. The use of a Ledger wallet alone does not provide a magical shield to protect you from the world around you, because if others have your seed phrase/private key, you are doomed.
Here are some options for limiting exposure to your wallet:
- Purchasing a hardware wallet: Do your research and decide which device will suit your needs. When purchasing, we recommend the following:
  - Do not buy from third-party sellers (e.g. Amazon, eBay); only buy from the manufacturer’s store on its official site.
  - Test your device’s authenticity and functions before use. If your device’s package has been opened or tampered with, or you notice anything strange, contact the manufacturer before use.
  - Get comfortable with it before transferring assets: set up a passphrase on the device, go through the setup, and intentionally put in the wrong PIN numerous times to see what happens.
- Never connect anything to your cold wallets: When confirming a transaction on your hardware wallet, use caution and read what you are signing. You should never connect your cold wallet to anything other than a hot wallet you control. This means no direct minting from the wallet and no connecting to CollabLand for verification.
- Never share your seed phrase or private key: A seed phrase is the 12–24 words (we strongly recommend going with the maximum) used to create a Web3 wallet. By adding a passphrase to your original seed, you will be creating a new set of accounts. Passphrase-protected accounts require a hacker to obtain not only the seed phrase but also the PIN and password, which limits a hacker’s ability to compromise your accounts even if the seed phrase becomes compromised. Remember, if you lose your PIN or password on a passphrase account, they’ll have complete access to your wallet and your funds will be lost and unrecoverable, just like losing a seed phrase.
  - Never reveal your seed phrase to anyone. If anyone inquires, it is a scam! No legitimate person or business will ever inquire.
  - Never put your private keys or seed phrases on the internet. Don’t try to hide them in a cryptic document or email, and don’t photograph them. Keep them offline in a safe place.
Originally published at http://retrocanvasdesign.wordpress.com on September 10, 2022.